Unfortunately, Ransomware is on the rise
Ransomware - our most feared form of malware is back on the table and not going away…
A recent spike in NAS-targeted Ransomware attacks has prompted this blog post which includes variations of the deadly Deadbolt crypto to which there is no resolution. TrendMicro has a full write-up of what it is and how it works if you’re interested: Closing the Door DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme (trendmicro.com)
If you aren’t aware - Ransomware attacks are business destroying if you are not prepared. Malicious actors gain unauthorized access to your systems, encrypt your data and give you 3-5 days to pay their ransom to unencrypt the data - nasty stuff.
WHY DON’T RANSOMWARE ATTACKS GO AWAY? EASY.
Let’s say for round figures you earn $1000 a day, as long as your computer works.
The hackers then come in and turn off your computer, it won't turn on until the hackers give you a key.
Then they demand you pay them $10,000 for the key.
It'll take you 30 days (or more) to fix the computer without paying the hackers, costing you $30,000
So you pay the $10,000 to the hackers because it's cheaper in the long run but this is a gamble as it is not a guaranteed solution.
You then hopefully spend money making the computer systems more secure, so it doesn't happen again.
After a year or two, you (or other businesses) may probably get lazy/complacent and don't want to keep spending money to make it secure, and the process repeats.
BACKUPS
The best and sometimes ONLY protection against Ransomware is… multiple backups, including a backup that is off-site or off-premise. This is because a locally plugged-in external hard drive is actively sought out by the hackers and will also become infected (encrypted) thus rendering it useless. Our preferred backup methodology is 3-2-1. Talk to us today about it! We will have a blog post on this soon.
To really tick all the boxes and lower your cyber risk (and insurance premium), test your backups and ensure your restore procedure actually works (known as a fire drill). This is the difference between a day’s worth of inconvenience or alternatively - days, months, or even years’ worth of work destroyed and unrecoverable.
Only storing your most important data in 1 location makes you vulnerable (e.g. only on a computer or only in Google Drive or OneDrive).
TO ALSO HELP TOWARDS PREVENTING AN ATTACK & PAYING A RANSOM, USE A COMBINATION OF THE FOLLOWING
All network infrastructure (Routers, Switches, Cameras, NAS’s), PC’s, Mac’s, Laptops, IoT devices etc are all up to date with the latest firmware / operating systems
Network filtering and adequate firewall rules put in place (IDS IPS)
Using Business Grade Systems, not free residential grade solution - Why we use Cloudflare extensively — Computer Clinic (computer-clinic.co.nz) // Professional Business Email Addresses — Computer Clinic (computerclinic.nz)
Minimizing port forwarding on the router to your internal systems
Use Multi-factor authentication for all your logins - 2 Factor Authentication - The New Standard — Computer Clinic (computer-clinic.co.nz)
Have security awareness training once per year - Latest 365 Scam | What to look out for — Computer Clinic (computer-clinic.co.nz)
Use long passphrases, not passwords and use a passphrase manager to store them securely - IT Security 101 - C@n y0ur Password b3 gue55ed? — Computer Clinic (computer-clinic.co.nz) // Strong Passwords are Important! — Computer Clinic (computer-clinic.co.nz)
Locking down external communications to your business - Protecting Websites & Stop Fraudulent Enquiries via your 'Contact Us' Page — Computer Clinic (computerclinic.nz)
Even with all of the different layers of protections put in place, it is a matter not of ‘if’ but ‘when’ your business will be targeted. Holes in all systems are discovered daily, and it is a never-ending game of cat & mouse.
To finish off, a lot of insurance will be null & void if adequate security & backups are in place due to how common these attacks are. We can assist with this process as well Cyber Insurance — Computer Clinic (computer-clinic.co.nz)
Talk to Computer Clinic today to work with your business to avoid ransomware disasters, and how to deal with them when they eventually do strike!